30 import java.security.cert.CRLException; |
30 import java.security.cert.CRLException; |
31 import java.security.cert.CRLReason; |
31 import java.security.cert.CRLReason; |
32 import java.security.cert.CertificateException; |
32 import java.security.cert.CertificateException; |
33 import java.security.cert.X509CRLEntry; |
33 import java.security.cert.X509CRLEntry; |
34 import java.math.BigInteger; |
34 import java.math.BigInteger; |
35 import java.util.Collection; |
35 import java.util.*; |
36 import java.util.Date; |
|
37 import java.util.Enumeration; |
|
38 import java.util.HashMap; |
|
39 import java.util.Map; |
|
40 import java.util.Set; |
|
41 import java.util.HashSet; |
|
42 |
36 |
43 import javax.security.auth.x500.X500Principal; |
37 import javax.security.auth.x500.X500Principal; |
44 |
38 |
45 import sun.security.util.*; |
39 import sun.security.util.*; |
46 import sun.misc.HexDumpEncoder; |
40 import sun.misc.HexDumpEncoder; |
73 * </pre> |
67 * </pre> |
74 * |
68 * |
75 * @author Hemma Prafullchandra |
69 * @author Hemma Prafullchandra |
76 */ |
70 */ |
77 |
71 |
78 public class X509CRLEntryImpl extends X509CRLEntry { |
72 public class X509CRLEntryImpl extends X509CRLEntry |
|
73 implements Comparable<X509CRLEntryImpl> { |
79 |
74 |
80 private SerialNumber serialNumber = null; |
75 private SerialNumber serialNumber = null; |
81 private Date revocationDate = null; |
76 private Date revocationDate = null; |
82 private CRLExtensions extensions = null; |
77 private CRLExtensions extensions = null; |
83 private byte[] revokedCert = null; |
78 private byte[] revokedCert = null; |
194 * which corresponds to the inner SEQUENCE. |
189 * which corresponds to the inner SEQUENCE. |
195 * |
190 * |
196 * @exception CRLException if an encoding error occurs. |
191 * @exception CRLException if an encoding error occurs. |
197 */ |
192 */ |
198 public byte[] getEncoded() throws CRLException { |
193 public byte[] getEncoded() throws CRLException { |
|
194 return getEncoded0().clone(); |
|
195 } |
|
196 |
|
197 // Called internally to avoid clone |
|
198 private byte[] getEncoded0() throws CRLException { |
199 if (revokedCert == null) |
199 if (revokedCert == null) |
200 this.encode(new DerOutputStream()); |
200 this.encode(new DerOutputStream()); |
201 return revokedCert.clone(); |
201 return revokedCert; |
202 } |
202 } |
203 |
203 |
204 @Override |
204 @Override |
205 public X500Principal getCertificateIssuer() { |
205 public X500Principal getCertificateIssuer() { |
206 return certIssuer; |
206 return certIssuer; |
350 */ |
350 */ |
351 public Set<String> getCriticalExtensionOIDs() { |
351 public Set<String> getCriticalExtensionOIDs() { |
352 if (extensions == null) { |
352 if (extensions == null) { |
353 return null; |
353 return null; |
354 } |
354 } |
355 Set<String> extSet = new HashSet<String>(); |
355 Set<String> extSet = new TreeSet<>(); |
356 for (Extension ex : extensions.getAllExtensions()) { |
356 for (Extension ex : extensions.getAllExtensions()) { |
357 if (ex.isCritical()) { |
357 if (ex.isCritical()) { |
358 extSet.add(ex.getExtensionId().toString()); |
358 extSet.add(ex.getExtensionId().toString()); |
359 } |
359 } |
360 } |
360 } |
371 */ |
371 */ |
372 public Set<String> getNonCriticalExtensionOIDs() { |
372 public Set<String> getNonCriticalExtensionOIDs() { |
373 if (extensions == null) { |
373 if (extensions == null) { |
374 return null; |
374 return null; |
375 } |
375 } |
376 Set<String> extSet = new HashSet<String>(); |
376 Set<String> extSet = new TreeSet<>(); |
377 for (Extension ex : extensions.getAllExtensions()) { |
377 for (Extension ex : extensions.getAllExtensions()) { |
378 if (!ex.isCritical()) { |
378 if (!ex.isCritical()) { |
379 extSet.add(ex.getExtensionId().toString()); |
379 extSet.add(ex.getExtensionId().toString()); |
380 } |
380 } |
381 } |
381 } |
499 CertificateIssuerExtension getCertificateIssuerExtension() { |
499 CertificateIssuerExtension getCertificateIssuerExtension() { |
500 return (CertificateIssuerExtension) |
500 return (CertificateIssuerExtension) |
501 getExtension(PKIXExtensions.CertificateIssuer_Id); |
501 getExtension(PKIXExtensions.CertificateIssuer_Id); |
502 } |
502 } |
503 |
503 |
|
504 /** |
|
505 * Returns all extensions for this entry in a map |
|
506 * @return the extension map, can be empty, but not null |
|
507 */ |
504 public Map<String, java.security.cert.Extension> getExtensions() { |
508 public Map<String, java.security.cert.Extension> getExtensions() { |
|
509 if (extensions == null) { |
|
510 return Collections.emptyMap(); |
|
511 } |
505 Collection<Extension> exts = extensions.getAllExtensions(); |
512 Collection<Extension> exts = extensions.getAllExtensions(); |
506 HashMap<String, java.security.cert.Extension> map = |
513 Map<String, java.security.cert.Extension> map = new TreeMap<>(); |
507 new HashMap<String, java.security.cert.Extension>(exts.size()); |
|
508 for (Extension ext : exts) { |
514 for (Extension ext : exts) { |
509 map.put(ext.getId(), ext); |
515 map.put(ext.getId(), ext); |
510 } |
516 } |
511 return map; |
517 return map; |
512 } |
518 } |
|
519 |
|
520 @Override |
|
521 public int compareTo(X509CRLEntryImpl that) { |
|
522 int compSerial = getSerialNumber().compareTo(that.getSerialNumber()); |
|
523 if (compSerial != 0) { |
|
524 return compSerial; |
|
525 } |
|
526 try { |
|
527 byte[] thisEncoded = this.getEncoded0(); |
|
528 byte[] thatEncoded = that.getEncoded0(); |
|
529 for (int i=0; i<thisEncoded.length && i<thatEncoded.length; i++) { |
|
530 int a = thisEncoded[i] & 0xff; |
|
531 int b = thatEncoded[i] & 0xff; |
|
532 if (a != b) return a-b; |
|
533 } |
|
534 return thisEncoded.length -thatEncoded.length; |
|
535 } catch (CRLException ce) { |
|
536 return -1; |
|
537 } |
|
538 } |
513 } |
539 } |